<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*" errorPage="" %>
<%@ include file="../Connections/A146240Connection.jsp" %>
<%
// *** Restrict Access To Page: Grant or deny access to this page
String MM_authorizedUsers="146240,151945,152786,153948";
String MM_authFailedURL="../login.jsp";
boolean MM_grantAccess=false;
if (session.getValue("MM_Username") != null && !session.getValue("MM_Username").equals("")) {
  if (false || (session.getValue("MM_UserAuthorization")=="") || 
          (MM_authorizedUsers.indexOf((String)session.getValue("MM_UserAuthorization")) >=0)) {
    MM_grantAccess = true;
  }
}
if (!MM_grantAccess) {
  String MM_qsChar = "?";
  if (MM_authFailedURL.indexOf("?") >= 0) MM_qsChar = "&";
  String MM_referrer = request.getRequestURI();
  if (request.getQueryString() != null) MM_referrer = MM_referrer + "?" + request.getQueryString();
  MM_authFailedURL = MM_authFailedURL + MM_qsChar + "accessdenied=" + java.net.URLEncoder.encode(MM_referrer);
  response.sendRedirect(response.encodeRedirectURL(MM_authFailedURL));
  return;
}
%>
<%@ page import="java.io.*"%>
<%@ page import="java.io.File"%>  
<%@ page import="org.apache.commons.fileupload.*"%>  
<%@ page import="org.apache.commons.fileupload.disk.*"%>  
<%@ page import="org.apache.commons.fileupload.servlet.*"%>  
  
<%
// *** Edit Operations: declare variables

// set the form action variable
String MM_editAction = request.getRequestURI();
if (request.getQueryString() != null && request.getQueryString().length() > 0) {
  String queryString = request.getQueryString();
  String tempStr = "";
  for (int i=0; i < queryString.length(); i++) {
    if (queryString.charAt(i) == '<') tempStr = tempStr + "&lt;";
    else if (queryString.charAt(i) == '>') tempStr = tempStr + "&gt;";
    else if (queryString.charAt(i) == '"') tempStr = tempStr +  "&quot;";
    else tempStr = tempStr + queryString.charAt(i);
  }
  MM_editAction += "?" + tempStr;
}

// connection information
String MM_editDriver = null, MM_editConnection = null, MM_editUserName = null, MM_editPassword = null;

// redirect information
String MM_editRedirectUrl = null;

// query string to execute
StringBuffer MM_editQuery = null;

// boolean to abort record edit
boolean MM_abortEdit = false;

// table information
String MM_editTable = null, MM_editColumn = null, MM_recordId = null;

// form field information
String[] MM_fields = null, MM_columns = null;
%>
<%
// *** Delete Record: construct a sql delete statement and execute it

if (request.getParameter("MM_delete") != null &&
    request.getParameter("MM_delete").toString().equals("deleteForm") &&
    request.getParameter("MM_recordId") != null) {

  MM_editDriver     = MM_A146240Connection_DRIVER;
  MM_editConnection = MM_A146240Connection_STRING;
  MM_editUserName   = MM_A146240Connection_USERNAME;
  MM_editPassword   = MM_A146240Connection_PASSWORD;
  MM_editTable = "A152786.PRODUCT";
  MM_editColumn = "PRODUCT_ID";
  MM_recordId = "" + request.getParameter("MM_recordId") + "";
  MM_editRedirectUrl = "manageProduct.jsp";

  // append the query string to the redirect URL
  if (MM_editRedirectUrl.length() != 0 && request.getQueryString() != null) {
    MM_editRedirectUrl += ((MM_editRedirectUrl.indexOf('?') == -1)?"?":"&") + request.getQueryString();
  }
}
%>
<%
// *** Delete Record: construct a sql delete statement and execute it

if (request.getParameter("MM_delete") != null &&
    request.getParameter("MM_recordId") != null) {

  // create the delete sql statement
  MM_editQuery = new StringBuffer("delete from ").append(MM_editTable);
  MM_editQuery.append(" where ").append(MM_editColumn).append(" = ").append(MM_recordId);
  
  if (!MM_abortEdit) {
    // finish the sql and execute it
    Driver MM_driver = (Driver)Class.forName(MM_editDriver).newInstance();
    Connection MM_connection = DriverManager.getConnection(MM_editConnection,MM_editUserName,MM_editPassword);
    PreparedStatement MM_editStatement = MM_connection.prepareStatement(MM_editQuery.toString());
    MM_editStatement.executeUpdate();
    MM_connection.close();
	
    // redirect with URL parameters
    if (MM_editRedirectUrl.length() != 0){
      response.sendRedirect(response.encodeRedirectURL(MM_editRedirectUrl));
      return;
    }
  }
}
%>
<%
String Recordset1__MMColParam = "1";
if (request.getParameter("PRODUCT_ID") !=null) {Recordset1__MMColParam = (String)request.getParameter("PRODUCT_ID");}
%>
<%
Driver DriverRecordset1 = (Driver)Class.forName(MM_A146240Connection_DRIVER).newInstance();
Connection ConnRecordset1 = DriverManager.getConnection(MM_A146240Connection_STRING,MM_A146240Connection_USERNAME,MM_A146240Connection_PASSWORD);
PreparedStatement StatementRecordset1 = ConnRecordset1.prepareStatement("SELECT * FROM A152786.PRODUCT WHERE PRODUCT_ID = " + Recordset1__MMColParam + " ORDER BY PRODUCT_ID ASC");
ResultSet Recordset1 = StatementRecordset1.executeQuery();
boolean Recordset1_isEmpty = !Recordset1.next();
boolean Recordset1_hasData = !Recordset1_isEmpty;
Object Recordset1_data;
int Recordset1_numRows = 0;
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>POWA Store [Remove Product]</title>
</head>

<body>
<%String productName=(((Recordset1_data = Recordset1.getObject("PRODUCT_NAME"))==null || Recordset1.wasNull())?"":Recordset1_data).toString();%>
<form action="<%=MM_editAction%>" method="POST" name="deleteForm">
	<%out.println("Confirm delete "+productName+" ?");%>
  <input type="hidden" name="MM_delete" value="deleteForm">
  <input type="hidden" name="MM_recordId" value="<%=(((Recordset1_data = Recordset1.getObject("PRODUCT_ID"))==null || Recordset1.wasNull())?"":Recordset1_data)%>">
  <input type="submit" value="Confirm">
</form>
</body>
</html>
<%
Recordset1.close();
StatementRecordset1.close();
ConnRecordset1.close();
%>
